Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), related to the...
5.9AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default...
5.9AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the type...
5.8AI Score
0.008EPSS
Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg...
5.7AI Score
0.005EPSS
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web script or HTML via the UserName...
6AI Score
0.006EPSS
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in...
6.2AI Score
0.005EPSS